When attempting to work with a specific Managed Domain, Active Roles is able to connect properly and function as expected when the Force-SSL option is not enabled. However, when Force-SSL is enabled, the domain becomes greyed out in the Active Roles Console.
All of the required ports are open.
Review the certificate chain on both the Active Roles Administration Service host and the target Active Directory Domain Controller. Correct where needed.
For more assistance, please contact Microsoft.